The invention relates generally to systems employing cryptography based security, and more particularly to systems employing public key encryption.
Communication systems such as computer networks, telecommunication systems, and other systems are increasingly using cryptography to encrypt information sent electronically. With the increase in electronic commerce, electronic mail communication, and other information for which users may wish to keep secret, public key cryptography systems employ an encryption key pair, such as a decryption private key and an encryption public key to decrypt and encrypt data. The decryption private keys are secret keys that are protected by the use of encryption techniques and other techniques to help ensure that an attacker cannot readily obtain this critical key. In communications that employ many users, it is not uncommon that a given software application has its own encryption and decryption keys as well as the user of a computer.
As people move from location to location within large organizations having large networks employing public key cryptography, the associated decryption private key and encryption public key must also be securely transferred to another computer for example, or software application to allow the user to roam at different computers or applications within the system. In a more open environment, it may be desirable to have a user gain access to their encrypted e-mail or other data files stored in a server in one city from a terminal or networked computing device located across the country, or to set up encrypted communications sessions to other servers or users. In this way, a user may roam from one computer or application to another and still obtain encrypted information as though they are physically located at their home base. For example, where a user is traveling, access to their encrypted e-mail may be imperative in performing their job while remotely located. Similarly, from a computing station a user roams to, it may be desirable to have the ability to set up a secure communication session, in order to securely access and be able to decrypt sensitive information on a corporate server. Hence it would be desirable to provide an alternate computing unit that allows access to encrypted information at the home station.
Conventional public cryptography based security systems may store a user's decryption private key and other user-specific data, such as program settings or user preferences, in secure storage of a server or directory. The storage of such user-specific data in a centralized location accommodates central generation and/or updating of data. This allows updates to be locally accessible to the user from various locations, and may serve as a master copy in case the local data storage or program employing such data is lost or upgraded. Each time a user (subscriber) accesses the server/directory with appropriate identification or access permission, the subscriber obtains access to its user-specific data. A problem with such systems, is that there is typically no history of previous decryption private keys so a subscriber cannot read older encrypted data. For example if a previous e-mail was encrypted using an older encryption key of the subscriber, and the encryption key was subsequently updated or replaced after a period of time, which is common, the e-mail cannot be read using the new decryption private key because it is no longer paired with the older public encryption key.
To overcome this problem, other public key cryptography based security systems store the history of decryption private keys locally in a user's computer memory units and protect this information (for example by encryption) to avoid access by an attacker. In addition, the history of the decryption private keys is stored in a master copy form in the security manager server. In such a system however, such backed-up decryption private keys are only accessible through the manager server and not directly to the user.
Upon loss of a previous decryption private key, which may be 1,000 bits long (for example if the RSA algorithm is used), a subscriber or user identified as having the proper access for the community can be allowed to access the stored history data to obtain a previously lost decryption private key. A user may need to recover multiple keys, that is a key history, because the validity of certificates expires periodically, and thus over time users have a number of different key pairs. A new key pair is automatically generated either by the manager server or the user computer upon the expiration of the validity period of the certificates. In order for a user to obtain a copy of the key history from the manager server, the subscriber must prove through special procedures which provide access control, such as a manual telephone call or personal appearance or other mechanism to obtain a new password to gain access to the key history. Because access to the manager server key history is particularly sensitive, such procedures are typically designed to be inappropriate for frequent use, and therefore are inconvenient as a mechanism of regular access to the key history. Moreover, with such systems, if a user wishes to go to another computer or use another software application and still have the security privileges associated with the decryption private key of the home or primary computing unit, the user needs to carry a copy of the private decryption key with him/her for example on a diskette or smart card or other physical token, such as a hardware token. The use of physical or hardware tokens to ensure secrecy of decryption private keys can be inconvenient particularly if a user wishes to avoid losing the token when traveling, or finds it inconvenient to always carry such a token. In addition, if a new decryption key is assigned due to lapse of an expire period for the associated certificate while the user is traveling, the user would need to update the hardware token while away from home base. This can be impractical particularly when the information must be communicated securely to avoid detection by a potential attacker, and a mechanism for updating a physical token with new keying material may not be available or trusted on the roamed-to computing device.
Hence, where physical or hardware tokens such as key storage transport devices are used, a primary computing unit can securely store the decryption private key on the token. The user then carries the token and inserts it in another computing unit such as a laptop computer which has suitable security software to retrieve the decryption private key from the token. A public directory or other data file server is also typically in communication with the computing units to provide an encryption public key certificate corresponding to the decryption private key to ensure that the decryption private key is associated with a particular user or software application. However, such public repositories do not typically store any private keys to facilitate decryption of information.
Consequently there exists a need for a public key cryptography based security system to facilitate roaming use of the encryption system. In such a system, it would be desirable to provide the security privileges associated with the decryption private key for a user on alternate units. It would be desirable if the system allowed an alternate computing unit to participate in retrieving decryption private key information so that encrypted information may be evaluated or decrypted by a user using a different software application or computing station. A roaming unit or alternate unit should be able to use its own processor for decrypting information or for using decryption private key data.